<?php
// DB Created by Rich L. a member in service in Northern Delaware.  Please feel free to share this code wherever it may be useful to alcholoics.  Should you have questons please contact me at sobernerd@gmail.com
$jQuery = true;
$jQueryCookie = true;
$hoverIntent = true;
$pageTitle = 'Soberpress - User Administration';
require_once ('../../config/include_paths.php');
require_once ('config.php');
require_once ('functions.php');
require_once ('dbconnect.php');
require_once ('adminhead.php');
$usersData = mysql_query("SELECT * FROM users");
if (!$usersData) {
    die('Invalid query: ' . mysql_error());
}
$userCount = mysql_num_rows($usersData);
?>

<body onLoad="checkMenuSettings(); ">
<div id="wrapper">
  <?php require_once ('adminHeader.php'); ?>
  <div class="clearfloat">&nbsp;</div>
  <div id="sidebar">
    <?php require_once ('adminNav.php'); ?>
  </div>
  <div id="main_content">
    <?php


if (isset($_POST['submit'])) { // if form has been submitted
	/* check they filled in what they supposed to, 
	passwords matched, username
	isn't already taken, etc. */

	if (!$_POST['username'] | !$_POST['password'] | !$_POST['email']) {
		die('You did not fill in a required field. Please <a href="users.php?newuser=yes" title="Login">try again</a>');
	}

	// check if username exists in database.

	if (!get_magic_quotes_gpc()) {
		$_POST['username'] = addslashes($_POST['username']);
	}



	$name_check = mysql_query("SELECT username FROM users WHERE username = '".$_POST['username']."'") or die(mysql_error());

	$name_checkk = mysql_num_rows($name_check);

	if ($name_checkk != 0) {
		die('Sorry, the username: <strong>'.$_POST['username'].'</strong> is already taken, please pick another one.');
	}

	// check e-mail format

	if (!preg_match("/.*@.*..*/", $_POST['email']) | preg_match("/(<|>)/", $_POST['email'])) {
		die('Invalid e-mail address.');
	}

	// no HTML tags in username, password

	$_POST['username'] = strip_tags($_POST['username']);
	$_POST['password'] = strip_tags($_POST['password']);
	


	// check show_email data

	if ($_POST['show_email'] != 0 & $_POST['show_email'] != 1) {
		die('Nope');
	}

	// now we can add them to the database.
	// encrypt password

	$_POST['password'] = md5($_POST['password']);

	if (!get_magic_quotes_gpc()) {
		$_POST['password'] = addslashes($_POST['password']);
		$_POST['email'] = addslashes($_POST['email']);
	}

  	processTable('users');
	$message = $_SESSION['message'];

	mysql_close($conn);
?><div class="contentTable">
    <h1>Registered</h1>
    <p>The information has been added to the database.</p><br />
    </div>
    <?php

} else {	// if form hasn't been submitted
if (isset($_GET['newuser'])) {
	$currentdate = date("Y-m-d H:i:s");
?>  <div class="contentTable">
    <h1>Register new user</h1>
    <form action="users.php" method="post">
      <table align="center" id="newUserForm">
        <tr>
          <td>Username*:</td>
          <td><input type="text" name="username" maxlength="40"></td>
        </tr>
        <tr>
          <td>Password*:</td>
          <td><input type="password" name="password" maxlength="50"></td>
        </tr>
        <tr>
  	    <td><label for="fname">First Name</label></td>
  	    <td><input type="text" name="fname" id="fname" value=""></td>
      </tr>
  	  <tr>
  	    <td><label for="lname">Last Name</label></td>
  	    <td><input type="text" name="lname" id="lname" value=""></td>
      </tr>
  	   <tr>
  	    <td><label for="title">Title</label></td>
  	    <td><input type="text" name="title" id="title" value=""></td>
      </tr>
        <tr>
          <td>E-Mail*:</td>
          <td><input type="text" name="email" maxlength="100"></td>
        </tr>
        <tr>
          <td>Admin:</td>
          <td><p>
            <label>
              <input type="radio" name="admin" value="1" id="Admin_0">
              Yes</label>
            <label>
              <input type="radio" name="admin" value="0" id="Admin_1">
              No</label>
            <br>
          </p></td>
        </tr>
         <tr>
          <td>List in Contacts:</td>
          <td><p>
            <label>
              <input type="radio" name="listInContacts" value="1" id="listInContacts_0">
              Yes</label>
            <label>
              <input type="radio" name="listInContacts" value="0" id="listInContacts_1">
              No</label>
            <br>
          </p>
        </td>
      </tr>
        <tr>
          <td colspan="2" align="right"><div align="center">
              <input type="submit" name="submit" value="Set New User">
            </div></td>
        </tr>
      </table>
      <input name="regdate" type="hidden" value="<?php echo $currentdate ?>" />
    </form>
    </div>
    <?php  
} else {
	if ($userCount > 0) {
?>
    <div class="contentTable">
      <table width="100%" cellspacing="0" cellpadding="0" border="0" class="scrollTable">
        <thead class="userHeader">
          <tr class="titleRow">
            <th colspan="7" class="tableTitle">Current Users&nbsp;&nbsp;&nbsp;(<?php echo $userCount;?>)</th>
          </tr>
          <tr class="alternateRow">
            <th>Username</th>
            <th>First Name</th>
            <th>Last Name</th>
            <th>Title</th>
            <th>Email</th>
            <th>Last Login</th>
            <th>&nbsp;</th>
          </tr>
        </thead>
        <tbody class="userContent">
          <?php
		$i = 0;
        while ($row = mysql_fetch_assoc($usersData))
        {if ($i % 2){$rolocolor = '#CCC';}?>
          <tr id="<?php echo $row['id']?>" class="userRow" onClick="DoNav('userform.php?id=<?php echo $row['id']?>');">
            <td><?php echo $row['username'];?></td>
            <td><?php echo $row['fname'];?></td>
            <td><?php echo $row['lname'];?></td>
            <td><?php echo $row['title'];?></td>
            <td><?php echo $row['email'];?></td>
            <td><?php echo $row['last_login'];?></td>
            <td><a title="Delete" href="deleteform.php?id=<?php echo $row['id']?>&table=users&returnTo=users.php"><img src="../images/delete_button.png"></a></td>
          </tr>
          <?php $i++;}?>
        </tbody>
      </table>
    </div>
    <?php
		echo $row['password'];
		echo $row['admin'];
		echo $row['regdate'];
	}
}
?>
  </div>
</div>
<?php 
} 
?>
</body>
</html>